Transcript pentest

COMP091 – Operating Systems 1
Kernel, Interrupts,
Files, Directories
Kernel
• Kernel: Performs basic necessary functions
– File systems
– Device drivers
– Memory manager
– Process manager (Scheduler, dispatcher, etc.)
– System calls
• The part of the OS that is always resident and active
• Sits between applications and hardware
• In a sense, the kernel is the OS
Kernel
Types of Kernels
• Monolithic vs Micro kernel
• Monolithic kernels perform most of their functions themselves and are larger, but sometimes thought to be faster
• Microkernels perform only the minimum functions themselves, using user space servers to perform as much as possible
• Microkernels are smaller, considered to be easier to maintain, but maybe slower
Modes
• Supervisor, or kernel mode
– When machine operates in kernel mode full access to hardware is available
• Protected, or user mode
– In this mode hardware (and some other resources) are accessible only through system calls
• Mode changes when the OS dispatches a user process
• Returns to kernel mode when system call is made
• Mode changes are expensive, hence slow micro kernels
Hybrid Kernels
• A compromise approach
• Like a larger micro kernel
• Avoids performance problems of micro kernels
• Most commercial kernels considered to be hybrid kernels
– NT, XP, Vista, Seven, 10 ...
• Unix based kernels are monolithic
– Except Hurd and Minix which are micro
Modular Kernel
• Linux kernel is monolithic, but also modular
• Kernel modules can be loaded at run time
– But only if needed
• Modules often handle optional features
– Specific device drivers, file system handlers etc
• Windows DLLs (dynamic link libraries) perform similar function but in less disciplined manner
System Calls
• System call
– The method used by a process to request action by the operating system.
• Used to perform functions not available in user space
– IO
– Spawn a process
– Other Operating System functions
Making a System Call
• Program sets data in specified location for OS
– Register
– Push on stack
• Program uses TRAP instruction to generate a particular interrupt
• Interrupt causes control to pass to appropriate handler process in kernel
• Switch to kernel mode
• Kernel processes call (if valid)
• Control then returns to application (and to user mode)
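The steps on this slide, carried out by hand in C (an added example, not part of the original slides). It assumes Linux; on x86-64 it places the call number and arguments in registers and executes the trap instruction directly, elsewhere it falls back to libc's syscall() wrapper. The names trap3, raw_getpid and raw_write are hypothetical helpers.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* trap3 is a hypothetical helper name: issue a system call with up to
 * three arguments, following the steps on the slide. */
long trap3(long nr, long a1, long a2, long a3)
{
#if defined(__linux__) && defined(__x86_64__)
    long ret;
    /* Step 1: data goes where the kernel expects it. On Linux x86-64 the
     * call number is in rax and the arguments in rdi, rsi, rdx.
     * Step 2: the `syscall` instruction traps into the kernel's handler,
     * which runs in kernel mode, validates the call and returns to user
     * mode with the result in rax (rcx and r11 are overwritten). */
    __asm__ volatile ("syscall"
                      : "=a"(ret)
                      : "a"(nr), "D"(a1), "S"(a2), "d"(a3)
                      : "rcx", "r11", "memory");
    return ret;                    /* failure is reported as -errno */
#else
    /* Other platforms: let libc's syscall() wrapper execute the trap. */
    long ret = syscall(nr, a1, a2, a3);
    return ret < 0 ? -(long)errno : ret;
#endif
}

long raw_getpid(void) { return trap3(SYS_getpid, 0, 0, 0); }

long raw_write(int fd, const void *buf, size_t len)
{
    return trap3(SYS_write, fd, (long)buf, (long)len);
}

int main(void)
{
    static const char msg[] = "written by a raw system call\n";
    raw_write(1, msg, sizeof msg - 1);
    /* An invalid request is rejected by the kernel, not by the program. */
    printf("pid=%ld  write(-1) -> %ld (EBADF=%d)\n",
           raw_getpid(), raw_write(-1, msg, 1), EBADF);
    return 0;
}
```

The second call shows the "if valid" step: the kernel checks the file descriptor itself and returns an error code instead of performing the write.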
Interrupts
• Usually implemented through hardware
– Interrupt controller
• Can be generated by hardware, software, firmware
• Most systems have a number of different interrupt numbers (types)
• Each interrupt type causes transfer of control to an interrupt vector
– Address of process(es) that handle the interrupt
Interrupt Types
• Shared interrupts have more than one handler
– Each handler is given an opportunity to handle the interrupt
• More efficient to not share interrupts
• Interrupt handlers can “mask” other interrupt types to prevent the handler being interrupted
• “Masking” prevents an interrupt type from working
• Some interrupts are non-maskable
Sources of Interrupts
• System calls
– TRAP instruction generates an interrupt to system call handler
• Hardware/Firmware
– IO devices generate interrupt when operation completes
• Timer
– Timer interrupts are used to signal end of time slice, update system clock etc
• Memory violations
– Segment fault if attempt made to access address outside of allowed segment
Interrupt Process
• Hardware interrupts current process
• Machine state is saved (usually on stack)
• Control passed to handler
• Interrupts may get masked
• Interrupt is processed
• Machine state restored
• Control returned to interrupted program
Interrupt Lines
• On the Intel 8259 family of PICs (Programmable Interrupt Controller) there are 8 lines
• X86 computers use two 8259's for 16 interrupt lines, IRQ0 – IRQ15
• IRQ2 used by second controller to signal the first
IRQ assignments
• IRQ 0 system timer (cannot be changed);
• IRQ 1 keyboard controller (cannot be changed);
• IRQ 2 cascaded signals from IRQs 8-15
– Any devices configured to use IRQ 2 will actually be using IRQ 9
• IRQ 3 serial port controller for COM2 (shared with COM4, if present);
• IRQ 4 serial port controller for COM1 (shared with COM3, if present);
• IRQ 5 LPT port 2 or sound card;
• IRQ 6 floppy disk controller;
• IRQ 7 LPT port 1
IRQ assignments
• IRQ 8 RTC Timer
• IRQ 9 Left open for peripherals or SCSI host adapter;
• IRQ 10 Left open for peripherals or SCSI or NIC;
• IRQ 11 Left open for peripherals or SCSI or NIC;
• IRQ 12 mouse on PS/2 connector;
• IRQ 13 math co-processor or integrated floating point unit or inter-processor interrupt (use depends on OS);
• IRQ 14 primary ATA channel;
• IRQ 15 secondary ATA channel
APIC
• Newer x86 systems use Advanced Programmable Interrupt Controller (APIC)
• Programming interface for up to 255 hardware IRQ lines per APIC
• Typical system supports only 24 hardware lines
• Extra 8 IRQs are used for PCI interrupts
• Avoids conflict between dynamic PCI interrupts and static ISA interrupts
PCI Interrupts
• PCI devices have 4 interrupts called A B C and D
• These are routed to four (or more) of the APIC interrupt lines
• Devices can share the interrupts, so the interrupt handlers have to check buffers or registers to see if the interrupt is really for them
Message Signaled Interrupts
• Do not use interrupt lines
• Place data in a specific memory location to raise an interrupt
• Requires fewer pins
• Avoids some race conditions
• Used by PCI express
• Number of interrupt types not limited by number of lines
Resources
• A little out of date but comprehensive:
– http://www.osdata.com/index.htm
• Wikipedia articles are good
– http://en.wikipedia.org/wiki/Operating_system
– http://en.wikipedia.org/wiki/Interrupt
– http://en.wikipedia.org/wiki/Kernel_%28computing%29
Filesystems
Purpose of File Systems
• Mechanism that provides long-term information storage
• Large amounts of information
• Stored persistently
– Survives termination of process
• Information is stored in files indexed by directories
• The file system is the component of the OS that manipulates the information in files and directories
Files
• A collection of related bytes having meaning only to the creator
• The file is “contained in” a directory.
– Actually, only the file name is contained in a directory, file is in some random location on the disk.
• The file may have attributes (name, creator, date, type, permissions)
• The file usually has internal structure
Files
• The OS may or may not know about the internal structure of files
– An Operating System understands program image format in order to create a process.
– The UNIX shell understands how directory files are structured
• Usually the Operating System recognizes file types, but the internal structure of file is not the business of the OS
Files
• A file is a logical storage unit defined by the OS providing a mechanism to store data on physical devices such as disk, tape, CD
• Files are physically created by the OS
File Naming
• Some OS (Linux) recognize the difference between upper and lower case letters in names
• Windows doesn't
• The file extension (part of the name following the last “.”) conventionally indicates the type of the file
• To the OS, file extensions are largely just conventions and are not enforced by OS
• But user software is aware of extension and associates programs with particular extensions
File Extensions
File Attributes
• File attributes can vary from one OS to another
• Generally something like the following is maintained
– Name - the only information kept in human-readable form
– Identifier - unique tag (number) identifies file within file system
– Type - needed for systems that support different types
– Location - pointer to file location on device
– Size - current file size
File Attributes (cont.)
– File owner, for protection, security, and usage monitoring
– Protection - controls who can do reading, writing, executing
– Time stamps: MAC – Modified, Accessed, Created
– User identification
• Information about files is kept in the directory structure, which is maintained on the disk.
File Types
• Depends on OS but these are common:
– Regular files: User files (ASCII or binary)
– Directory files: System files used to maintain directory structure
– I/O files: Special system files dedicated to I/O
– Executable files: OS usually expects special structure for these files
– Links: pointers to other files
Blocks
• Actual access to data on storage medium is not byte by byte
• Bytes must be packed into physical blocks
• Block size is fixed for disks, variable for tape
• If user wants smaller, larger or no “logical” blocks data must still be mapped into physical blocks for transfer to medium
File Access Modes
• Generally two types of access are provided
• Sequential access:
– Starts from the beginning and reads sequentially
• Random access:
– Can access any byte in the file directly.
• OS provides these access modes to the user
• Before database IBM OS's also provided indexed access
– Random access by key
Sequential Access
• Implemented by the filesystem.
• Data are accessed one record after the other
• Reads cause a pointer to be moved ahead
• Writes allocate space for the record at the End of File and move the pointer to the new EOF
Random, or Direct Access
• Method only useful for disks.
• The file is viewed as a numbered sequence of records or bytes
– Relative record access / Relative byte access
• There are no restrictions on which blocks are read/written or order in which read or written
• User now says "read n" rather than "read next".
• "n" is a number relative to the beginning of file, not relative to an absolute physical disk location.
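Sequential writes followed by a direct "read n", as an added example that is not part of the original slides. It assumes a POSIX system and a constructed record size of 16 bytes; append_record, read_record and demo_fetch are hypothetical names.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define REC_SIZE 16   /* constructed fixed record size, in bytes */

/* Sequential access: each write() lands at the file pointer, which the
 * OS then moves ahead to the new end of file. */
int append_record(int fd, const char *text)
{
    char rec[REC_SIZE] = {0};
    strncpy(rec, text, REC_SIZE - 1);
    return write(fd, rec, REC_SIZE) == REC_SIZE ? 0 : -1;
}

/* Random access: "read n". The byte offset n * REC_SIZE is relative to
 * the beginning of the file; the file system maps it to a disk block. */
int read_record(int fd, long n, char out[REC_SIZE])
{
    if (n < 0) return -1;
    ssize_t got = pread(fd, out, REC_SIZE, (off_t)n * REC_SIZE);
    return got == REC_SIZE ? 0 : -1;   /* short read: n is past EOF */
}

/* Build a constructed 4-record temporary file, then fetch record n
 * directly without reading the records before it. */
const char *demo_fetch(long n)
{
    static char out[REC_SIZE];
    static const char *names[] = {"alpha", "bravo", "charlie", "delta"};
    FILE *tmp = tmpfile();
    if (!tmp) return NULL;
    int fd = fileno(tmp);
    for (int i = 0; i < 4; i++)
        if (append_record(fd, names[i]) != 0) { fclose(tmp); return NULL; }
    int rc = read_record(fd, n, out);
    fclose(tmp);
    return rc == 0 ? out : NULL;
}

int main(void)
{
    const char *r = demo_fetch(2);
    printf("record 2: %s\n", r ? r : "(none)");
    printf("record 4: %s\n", demo_fetch(4) ? "found" : "past end of file");
    return 0;
}
```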
File Operations
• Create: Tell OS that file data are coming and set attributes and allocate space, enter in directory
• Delete: Free disk space, adjust directory structure
• Open: Fetch the attributes and location of the file and prepare to transfer data
• Close: Release internal table space and write the file's last block
File Operations
• Read: Data is read from the file and put into memory for user access
• Write: Data are written to the file at the current or specified position
• Append: Adds data to the end of file
• Seek: For random access of data from the file, repositions the file pointer for reading
• Rename: Change the name of the file
• Get & Set attribute: Get attributes of file or set attributes of a file
Directories
• Mechanism provided by OS to keep track of files.
• A directory records information about the files
• Typically contains one entry per file. It may contain Name, Attributes and Location
• Or it may contain Name and pointer to Attribute information
• File may be a subdirectory, producing a hierarchical directory structure with “paths” to files
Directory Structure
Path Names
• Strings together directory names and the file name
• Starting from some point in the structure down to the bottom
• Absolute path starts at root
• Relative path starts at some other point, usually the current working directory
• The special path “.” refers to the current directory and “..” refers to the parent of the current directory
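How a relative path, "." and ".." reduce to an absolute path, as an added example that is not part of the original slides. It assumes '/'-separated Unix-style names and works on the text of the path only, so links on disk are not followed; resolve_path and resolved are hypothetical names and the sample paths are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Lexically resolve `path` against the absolute directory `cwd`.
 * resolve_path is a hypothetical helper; it never touches the disk, so
 * links are not followed. Returns 0, or -1 if a buffer is too small. */
int resolve_path(const char *cwd, const char *path, char *out, size_t cap)
{
    char buf[1024];
    size_t len = 0;
    /* Absolute paths start at the root, relative ones at cwd. */
    int n = snprintf(buf, sizeof buf, "%s/%s", path[0] == '/' ? "" : cwd, path);
    if (n < 0 || (size_t)n >= sizeof buf || cap < 2) return -1;
    out[0] = '\0';
    for (char *tok = strtok(buf, "/"); tok; tok = strtok(NULL, "/")) {
        if (strcmp(tok, ".") == 0) continue;        /* current directory */
        if (strcmp(tok, "..") == 0) {               /* parent directory */
            while (len > 0 && out[len - 1] != '/') len--;
            if (len > 0) len--;                     /* root's parent is root */
            out[len] = '\0';
            continue;
        }
        size_t t = strlen(tok);
        if (len + 1 + t + 1 > cap) return -1;
        out[len++] = '/';
        memcpy(out + len, tok, t + 1);              /* copies the NUL too */
        len += t;
    }
    if (len == 0) strcpy(out, "/");
    return 0;
}

/* Convenience wrapper for the demo: returns a static buffer or NULL. */
const char *resolved(const char *cwd, const char *path)
{
    static char out[1024];
    return resolve_path(cwd, path, out, sizeof out) == 0 ? out : NULL;
}

int main(void)
{
    /* Constructed sample paths. */
    printf("%s\n", resolved("/home/alice", "notes.txt"));
    printf("%s\n", resolved("/home/alice", "../bob/./notes.txt"));
    printf("%s\n", resolved("/home/alice", "../../../.."));
    return 0;
}
```

Software that confines file access to one directory should compare the resolved form, not the string the user supplied, against the allowed directory.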
Directory Operations
• Create
• Delete
– Only empty directory can be deleted
• Rename
This week's lab
• Explore some basic attributes of Windows directories